Compumedics USA Data Breach Affects 318K Americans: SSNs Exposed

On April 11, 2025, Compumedics USA Inc. discovered that an unauthorized actor had gained access to its computer network and exfiltrated certain files. The unauthorized access occurred over an 11-day period, from March 13, 2025, to March 24, 2025. During this time, the intruder was able to take files containing sensitive personal information.

After a thorough review, Compumedics determined that the affected files included names, dates of birth, Social Security numbers, medical records including treatment and diagnosis information and health insurance information.

A disclosure was filed with the Department of Health & Human Services on June 27, 2025, stating 318,150 Americans had their protected health information PHI) exposed. However, the disclosure did not go live on the HHS breach portal until July 15th.

The breach impacted four residents in Maine, seven in Massachusetts, fifteen in New Hampshire and 329 in Texas. The total number of affected individuals in the United States has not been disclosed.

Compumedics disclosed the data breach breach to the Maine, Massachusetts, New Hampshire, Texas and Vermont Attorney Generals' offices beginning on May 8, 2025. Compumedics also posted a Notice of Security Incident on its own website.

Compumedics USA's response

Following the discovery of the breach, Compumedics USA secured its network to prevent further unauthorized access and launched an internal investigation. On May 8, 2025, Compumedics began notifying affected individuals by mail.

To help protect those affected, Compumedics is offering complimentary credit monitoring and identity theft protection services through Experian’s IdentityWorks. Affected individuals will receive instructions on how to activate these services, which include credit monitoring, identity restoration support, and identity theft insurance. The company has also established a dedicated, toll-free call center (855-260-0907) to answer questions and provide assistance.

In addition to these immediate steps, Compumedics has implemented additional security measures and is continuing to train employees on data security best practices. If you believe you may be affected, it is important to remain vigilant by monitoring your financial accounts and credit reports for any unauthorized activity. You may also consider placing a fraud alert or security freeze on your credit file, as described in the notification letter.

For more information about the company and its services, visit the Compumedics USA Inc. website.